Vulnerabilities > Redhat > Enterprise Linux AUS

DATE CVE VULNERABILITY TITLE RISK
2019-08-14 CVE-2019-9506 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation.
8.1
2019-06-19 CVE-2019-11478 Resource Exhaustion vulnerability in multiple products
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences.
network
low complexity
linux f5 canonical redhat pulsesecure ivanti CWE-400
7.5
2019-06-19 CVE-2019-11477 Integer Overflow or Wraparound vulnerability in multiple products
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs).
network
low complexity
linux f5 canonical redhat pulsesecure ivanti CWE-190
7.5
2019-06-14 CVE-2019-10126 A flaw was found in the Linux kernel.
network
low complexity
linux redhat canonical debian opensuse netapp
critical
9.8
2019-05-07 CVE-2019-11811 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.0.4.
local
high complexity
linux redhat opensuse CWE-416
7.0
2019-04-18 CVE-2018-16878 Resource Exhaustion vulnerability in multiple products
A flaw was found in pacemaker up to and including version 2.0.1.
5.5
2018-09-14 CVE-2018-14638 Double Free vulnerability in multiple products
A flaw was found in 389-ds-base before version 1.3.8.4-13.
network
low complexity
fedoraproject redhat CWE-415
7.5
2018-07-06 CVE-2018-13405 Improper Privilege Management vulnerability in multiple products
The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group.
7.8
2018-06-11 CVE-2017-7847 Information Exposure vulnerability in multiple products
Crafted CSS in an RSS feed can leak and reveal local path strings, which may contain user name.
network
low complexity
debian redhat mozilla CWE-200
4.3
2018-06-11 CVE-2017-7829 Improper Input Validation vulnerability in multiple products
It is possible to spoof the sender's email address and display an arbitrary sender address to the email recipient.
network
low complexity
mozilla redhat debian canonical CWE-20
5.3